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PORTABLE SYSTEM FOR PERSONAL IDENTIFICATION 

TECHNICAL FIELD OF INVENTION 

The present invention relates to novel, improved methods and systems for electronic personal 
identification. Specifically, this invention relates to methods and systems lor pro\'iding an accurate means of 
identifying a particular known or uiiki^own person that may be easily transported from location to location. 

5 

BACKGROUND 

As the computer age has progressed in recent years, there has been a vast increase in the use of private 
electronic transactions. Banks, credit card companies and other financial institutions offer a wide variety of 
options and ser\-ices that may now be conducted online. The ever expanding Internet has brought computerized 

1 0 home shopping to the forefront of cyber-technology. Consumers may now conduct a majority of their financial 

business in numerous ways that either did not exist, or were not available for use b\ the general public as little as 
tive years ago. Some examples of such transactions include computerized home banking, the use of automatic 
teller machines, computerized stock transactions, credit or debit based product dispensers, security entrances, 
telephone access and transactions, long distance calling cards, identification cards (including any such card used 

1 5 tor services like health care, insurance, automobile ser\'ice accounts, etc."), and e\'en secure transactions over the 

Internet. 

The essence of any secret ti ansaction, whether tlnancial or not, is the ability to keep it private and 
secure from potential theft. Although computerization of transactions and impro\-ements in technolog>- have 
increased the ease with which consumers may conduct these private transactions, the nature of the teclinology is 

20 such that the infoimation, when transmitted electronically, can be intercepted and used for criminal puiposcs. 

Conseqtiently, as the usage of these kinds of electronic transactions has increased, a need for improved systems 
and methods to ensure their securit\' has increased as well. Completion of most electronic financial transactions 
requires the use of a password or personal identification number (PIN) that identifies a person as one authorized 
to conduct a specific transaction. For example, most automatic teller machine (ATM) cards have a magnetic 

25 strip that, when read by the ATM computer, identifies the bank and tlie account lo be accessed. The machine 

then asks for entry- of the ITN which has been assigned to that account. If the correct PIN code is entered, the 
user may access the baiik account to conduct a \ ariet\* of transactions, including, withdrawals, deposits or 
requesting account statements. 

There are several drawbacks to this approach. First, the PIN must be chosen w hen the account is 

30 opened, and may only be changed by bank personnel upon request by the user. Therefore, a person who hasn't 

realized that her ATM card was stolen may go days without requesting a new PIN number to be assigned to her 
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account. During that time, the thief who stole her card may have discovered the PIN number, and made 
unauthorized withdrawals from her account. Second, the "choose-your-own" PIN code system is not sufficienth" 
unique to provide adequately reliable identification. A person not tlie owner of an account who obtains 
knowledge of a PIN code mav easily claim unauthorized access to that account because, all she need do is . 
5 discover ihe four digit PIN code number associated with that account. While there are thousands of possible ^ 

permutations or combinations of digits that could make up any one PIN code, the actual code is not specifically 
unique to that person. For example, two or more bank accounts at the same bank could theoretically have the 
same PIN code. As long as the correct PIN code is entered for the account sought to be accessed, the system 
does not care if the entered PIN code could also access other accounts as welL because it only focuses on the 
1 0 specific account number received from the ATM card's magnetic strip. The major fault wath this system is that it 

does not truly identify the account holder, but allows access to anyone holding the card who also enters the 
correct identification number. In other words, the current system merely assumes that if the individual who 
attempts to use the card knows the coirect PIN number, then that person is authorized to access the account. 
Tiierefore, the PIN code system does not offer the tlexibilit}-, securm\ and uniqueness that other forms of 
1 5 identification may offer. Specifically, the PIN code svstem cannot distinguish between users actually authorized 

to access the account, and unauthorized users that have discovered the correct PfW code. 

In typical applications which require the use of a pass key to facilitate access, users are issued a kev 
that contains a specific, predetermined access code stored on a magnetic strip or other such storage de\'ice, and 
which de-activates a locking mechanism, alarm system, or other such device and allows the key holder to access 
20 whatever secure objective was being protected. Again, this method of restricting, access provides flawed 

secunt\'- because it fails to provide a means for positively identiamg the user as an authorized user as a condition 
precedent to granting access to the secure objective. 

Others have attempted to solve the security problem by creating means for identification based on a 
biometric character trait unique to specific users. Such character traits may include voice identification, 
25 fingerprint analysis, retina scan, DNA analysis, or other biometric charactenstic. Bv utilize g technologx' which 

analyzes these t>^pes of character traits, systems have been developed which can more accurately identih' specific 
persons. For example, the invention disclosed m Parra, teaches a method and apparatus for identifying a 
particular individual based on the uniqueness of the acoustic characteristics of His/her voice. According to 
Parra, the voice characteristics of the user are stored on a magnetic strip on the back of a card. When the card is 
30 inserted into the interface, the user is prompted to speak a word, The spoken word is then digitized and its 

acoustic characteristics compared to a stored digital version of the word. If the characteristics of the stored word 
match those of the spoken word, the user ma>' be granted access. 

There are several drawbacks to this approach. First, while the Parra invention attempts to address die 
securit>' issue regardmg uniqueness of identification characteristics, it does not address flexibility of use. The 
3 5 Parra system, like the PIN code system requires the use of a pre-programmed word or phrase that is compared to 

the spoken word or phrase. Parra offers no built-in abilit>' to change the access word or phrase without going 
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llirougti baiik personnel. Further, the Parra invention does not address tying the voice- identification to the 
generation of voice pattern-based numeric, alphanumeric or telephone lone codes for use in applications like 
telephone long distance credit cards, or Internet passwords, which would allow more widespread use of the 
identification teclinology. Finally, the Parra invention is specifically limited to a voice identification technolog>- 
system, rather than relating to a non-platform specific system. 

Online systems, such as those disclosed in the June, 1997 issue oi' Byie magtizine (volume 22, number 
6, pp. 70-80) rely on digital signatures, digital certificates and server-based verification of smart card electronic 
signatures in creating a high level of security for financial transactions and other secured access applications. 
These systems involve high-end algoritiimic encoding of idenlitlcalion numbers which may then be sent to and 
from clients and seners during the authorization process, 'fhese systems, while providing high levels of sccurit\- 
are not fool proof 

I'or "hash" signatures, both the client and server must have the access key to complete the encodmg and 
decoding of the hashed data, fhis means that a securit\* breach at either end (client or server) mav result in a 
hacker's ability to obtain a forgeiy of the access key, and thereby, access to the client's restricted data or 
1 5 accounts. 

Public-key algorithms, provide belter security- in that the ser\'er does not need to have a copv of the 
access key to verify a digital signature. The private key algorithms used to encode the data are known onlv to the 
client enciy-ptor. However, the system of encoding and decoding is set up such that the server side can use a 
different decoder algorithm to verilS' the encoded signature. Therefore, tiie access key remains significantly 
20 more secure than a hash based signature, because it is only known to the client side, while the ser\--er can still 

authenticate it. Public-key algorithms, however, do not assure that the person using the key is the actual owner, 
rather than a forger\\ The key is actually just a number: it bears no resemblance to the particular user, and 
carries no personal or unique data about the user. Furtiier, the public key system requires a great deal of support 
and infrastnicture, particularly in maintaining databases of all active and revoked certificates or keys. 

25 

SUMMARY OF THE INVENTION 

It is an object of the present mvention to provide an accurate electronic personal identification svstem 
which offers improved security and portability. It is a further object of the invention to provide an electronic 
personal identification system based on biometric ID analysis which provides improved security and portability 
30 It is a still further object of the invention to provide an electronic transaction system which contains improved 

personal identification securit>\ and which offers additional features to improve the ease and ne.\ibilit>' of use. 

A preferred embodiment of the invention is a card or other small portable device that contains a device 
which positively identifies the cardholder as an authorized or unauthorized user, and thereby provides or 
prevents access to a specific secure objective (e.g. an ATM machine, security gate or door, computer scanning 
device, and other such accounts, areas or the like which require restricted access). The invention obtains the 
potential user's unique personal identification profile, preferably a digital representation of some uniquelv 
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identifying trait of the user, such as, but not limited to any biometric analysis system (e.g. fmgerprint, DNA, 
palm prmt, retina scan, etc.), or other identification system which produces a digital profile that is sufficiently 
umque as to provide a reasonable degree of ceilainty as to identification. In a preferred embodiment of the 
in\'enlion, the device, circuitr\' or apparatus by which the system obtains the user's ID profile is contained on 
5 board the invention. However, the disclosed invention may receive and utilize an ID profile calculated by an 

outside system as well. 

The identification profile created (or received) by the invention maybe a numeric, alphanumeric, or 
other digital representation of the user's unique biometric or digital signature profile. The spontaneously created 
identification profile is then compared to any predetermined authorized profiles associated with the invention to 
10 deteiTnine if the user is authorized as one of the users assigned to that account. The invention anticipates that 

more than one "account" may be assigned to any particular embodiment of the invention (e.g. cin ID card, bank 
account card, etc.), so that families, businesses, or other groups may share idenlitlcation devices. In other 
words, members of a particular household may use each other s identification cards in order to promote 
HexibiHty of use. 

I 5 Once authorization has been established, the digital representation of the identification value may be 

converted into one or more access codes which may be used to provide access to a particular one of any number 
of secure accounts or databases, restricted areas, or other secure objectives. This feature allows for the existence 
of individually secure "'accounts'* on multiple-user cards. Since several individual and group "accounts" may be 
stored on a single card or other small portable identification device, the creation of ID profile-based personal 

20 identification numbers (PlNs) provides a means by which cards utilized for group accounts may also be utilized 

for individual accounts without risk of secunt>' breach. 

For example, considering an embodiment of the invention as an ID card containing two different 
accounts, a group account may provide access to a residence or other shared secure objective, while on the same 
ID card, an individual account may provide individual access to a bank account. Any member of the group ma\ ' 

25 use the. ID card to access the residence. The card will be able to verify' all of the group members' ID profiles as 

authorized to use the card to access the residence. Howe\^er, if the bank account can only be accessed by a 
specific PIN code, which is based on the authorized user's ID profile, then any PIN code calculated using any 
other group members' ID code will not produce tlie PIN required to access the account, and other group 
members wall be denied access to the bank account. 

30 One preferred embodiment of the invention is a bank account or credit account "smart card" utilizing' 

voice identification technology (similar to that disclosed m Parra), however, it may be noted that other biometnc 
identification analyses may be used (such as fingerprint scan, iris scan, DNA, etc.). In the voice identification 
based system, the smart card converts the user's spoken words into a numerical value based on the user's unique 
digital acoustic characteristics. At the time a bank (or other financial institution) account is opened, the account 

35 holder speaks a predetenruned phrase and/or several predetennined "code w-ords" that are analyzed and 

converted into a base digital voice signature value. The account holder's account information (which may 
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include Ihe original voice profile) may then be stored on the card. The predetermined voice profile represents 
the unique ID profile associated with that account holder, and may be stored on the institution's main computer 
database, on the smart card, or both. . 

Wiien the account holder wishes to access his account, he activates the on-board voice identification 
5 device, which analyzes his voice patterns to detemiine if he is authorized to use the card. Next, the user inserts 

tlie card into an ATM (or other device employed for accessing an account). The invention converts the user's 
spontaneous word or phrase into a voice print value. The voice print value is then compared with the 
predetermined ID profile stored on the ATM card, the online computer database, or both, for match or 
discrepancy range. If the user's voice pattern matches, or is within the acceptable discrepancy ran-e assigned to 
1 0 the account, then the smart card may auiliorize the user to access the account. Otherwise, access to the account 

may be denied. The system may require the user to speak one of any specific code words previouslv recorded b\* 
the user, or may simply anaUae any random words or phrases spoken by the account holder, depending on what 
kind of voice identification technology is employed by the financial institution, or stored on the card or other 
portable device. 

I 3 Other uses for the disclosed invention may include such uses in conjunction with a healthcare serv'ices 

card, driver's license, or passport. As a healthcare ser\nces card the present invention may provide a quick and 
etficient means for positive identification and access to medical h^stor^^ In emergency situations such 
inlbmiation must be quickly obtained in order to provide safe and adequate diagnosis and treatment. Because 
many emergency patients arrive at the emergency room unconscious, the disclosed invention is particularly 

20 suited to allow ER physicians and nurses rapid access to important medical inibrmation that they would not 

othenvise be able obtain from the patient herself , 

As used in conjunction a driver's license or passport, the disclosed invention has particularly miportant 
applications, not only for positively identifying a person, but also for allowing a police officer or other oftlcial 
access to infomiation about a cardholder s criminal record, driving record, or other such infonnation that may be 

25 useful for law enibrcement or regulation of international travel. 

The disclosed invention differs from the prior art in two important ways. First, the biometric 
identification device is preferably on board the card, rather than contained in tiie A'fM machine, 'fhis allows the 
user to verif\' his identit\^ before physically interacting witli the account interlace (e.g. ATM machine). Further, 
it facilitates the use of other features of the invention, such as remote control operation, as well as eliminating tiie 

30 need for expensive, onsite identification devices or systems. The card automatically identifies the user, verii'ies 

his status as authorized or unauthorized, and grants or denies access accordingly. 

Second, the invention includes a feature w hich allow s the creation of unique, secure PIN codes for u.se 
as preliminary or secondan' verification of identification, and which allows multiple group and individual 
accounts to exist on a single card. For example, the card or system may include a device for creating a 

35 distinctive, and user-specific alphanumeric code based on the potential user's unique identification profile value. 

When the potential user activates the verification process, the spontaneously created identification value 
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calculated from his profile is transformed by the invention into a specific code which can be used by the device 
protecting the secure objective as a secondaiy or supplemental means for positive identitlcation. 

A specifically useful application of this feature for fmancial transactions is the creation of secure PIN 
codes for ATM cards. This feature adds flexibility to such cards in that in the event of a malfiinction of or mis- 
5 recognition by the pnmary identification method, the uniquely generated PIN code may still authorize access. 

This secondarv' ID method is equally secure, since it is generated according to the originallv stored \'oice print or 
other ID characteristic. Also, as explained above, this feature allows for the existence and efficient management 
of multiple accounts on a single card. 

Another difterence from the prior art, is that the system of the present invention, as disclosed herein, 

1 0 mav mclude a means for generating unique access codes for use m identifying a user via telephone or computer 

modem. Like the secondare' PIN codes, the transmitted tone codes are generated according to the unique ID 
number assigned to the user's voice print, or other distinctive identitlcation characteristic. Therefore, since the 
tone codes are unique to the user, they are more secure, and unusable bv anyone other than \l\c authorized user. 
Further, the ability to generate these tone codes provides a more tlexible use of the disclosed invention, because 

1 5 compatible on-site equipment at an account location is not required. The card automatically generates the 

correct telephone tones corresponding to tlie account's access code, and thus providing access as if the code had 
been entered manually. This tone code is more secure, however, because it is only generated once identification 
has been established. 

The disclosed invention may be integrated into existing portable electronic devices, like cellular 

20 phones, laptop computers, portable digital assistants (PDAs), calculators, electronic address books, etc., to 

increase the Oexibilm' and portability^ for the user. For example, integration of the invention into a telephone 
(particulai ly a cellular telephone) may be significantly useful. As described above, the invention may create 
specific tone codes for identification purposes, and may have a voice identification based ID system. By 
integrating the invention into a cellular (or other) telephone, the device can take ad\'antage of components 

25 already present m the "host" device. In the telephone example, the device may use the phone's built m 

microphone tmd/or speaker system as the voice ID input. Additionally, any tone codes the device may create and 
transmit may be so created and transmitted by the phone's built in tone generator. 

A prefeiTcd embodiment of the invention also includes the ability to update mibrmation (such as the 
algorithm used to create the specific identification number-based numeric, alphanumeric, or tone code 

30 associated with a particular account) each time the account is accessed. An account utilizing this feature is not 

issued a specific PIN code, but instead uses dynamic codes. Once the account has been accessed, the card stores 
a new algorithm to use tiie next time the account will be accessed. Upon subsequent use, the new algonthm 
converts the user's unique identification value into a completely new PIN code which the account database has 
already associated with the account at, the prior transaction. This feature" provides better security' because any 

3 5 person not authorized to access the account, who may happen to obtain the PIN code on one occasion, will not 

be able to access the account, because the PIN code changes each time the account is accessed. 
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AUeralivcIy, the account may be assigned a plurality of PIN codes, any of which may authorize access 
The smart card may store the algorithms which produce these PIN codes from an authorized user's unique 
identilication value. Each time the account is accessed, the access code generator uses a difTerent, randomly 
chosen stored algorithm, to produce one of the acceptable account access codes. In this manner, the account 
5 may be fiiriher protected because a chance interception of one access code will not automatically grant 

authorization, since the same access code is ne\*er allowed twice in a row. 

The invention as disclosed herein may also be easily integrated into existing renewal systems. The 
identification system may include the abilit>- to store and/or calculate renewal dates, or the number of times a 
particular secure objectix e has been accessed in order to determine when the account must be renewed. For 
1 0 example, when an account card, pass key, etc. is issued, it may grant only limited access in that it remains acti\'e 

only for a specific period of time or for a particular number of accesses, until reactivated or reprogrammed. 
Each time the card or key is used, it may determine whether the access period has lapsed by determining whether 
the renewal date has passed, or whether the ma.xinium number of accesses has been exceeded. The card or other 
device may be renewed via Ijio-inelric identification, or may be reprogrammed, either directly or on line. In this 
I 5 manner, the system provides for increased securit>^ in that a card or other device will automatically cease to 

provide access upon expiration, so that anyone who manages to obtain unauthorized access using that card will 
be unable Lo renew it and continue gaining unauthorized access. 

The above and other objects, advantages and features of the invention will become more apparent 
when considered in conjunction with the following specification and accompanying drawings. 

20 

BRIEF DESCRIPTION OF THE DRAWINGS 

FIGUf^^. 1 shows a block diagram of a preferred embodiment of the disclosed invention. 

FIGURJ:. 2 shows a block diagram of the embodiment of the invention from FIGURE I with a 
combination of advanced features. 
25 FIGURE 3 shows the outside of the enclosure of the invention as embodied in an ATM card, a credit 

card, or a check card issued bv a financial institution. 



DETAILED DESCRIPTION OF THE INVENTION 

Referring now to the drawings, and in particular, with reierence to FIGURE 1, there is shown a block 
30 diagram of a basic embodiment of the disclosed invention. 

Enclosure 1 houses all of the components of the invention, and is of sufficient dimensions to be easih' 
portable. The preferred embodiment includes an enclosure 1 that may be approximately the size of a credit card, 
debit card bank card or electronic smart card, or other small hand held portable device. Housed within 
enclosure I is the verih'mg means 2 which determines whether the person using the card is an authorized user of 
3 3 the card. In the preterred embodiment of the inv ention, input 12 receives analog identification inlbnnalion 

which is converted by \-eritying means 2 into a digital representation of the potential user's identification profile. 
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In the preferred embodiment of the in\ ention, the verifying means 2 on board the deviee captures mid analyzes 
the user's identification protile. For example, input 12 may consist of a microphone for receiving the potential 
user's analog voice representation. Once received by input 12, analyzing means 2 converts the analog signal to a 
digital voice pattern identification profile. Which may then be compared to the user s actual voice profile for 
5 match or discrepancy range. The input 12 and anal\:zing means 2 are not limited to voice identification 

technology, but may include any identification method (including ins scan, fingerprint scan, DNA, or any other 
characteristic unique to individuals) which ma>- be completely housed within the enclosure 1. 

The invention, however, is not limited to including the ability to read and create an initial 
representation of the potential user's identification profile via the analyzing means 2. Input 12 may be merely a 

1 0 signal input which receives a pre-digitized identification profile, created by some outside analysis, for 

verification by analyzing means 2, 

Although the preferred embodiment of the invention anticipates the use of some unique biometnc 
characteristic of the potential user (e.g,. voice pnnt. fingerprint, DNA. palm print or other such unique biometnc 
characteristic), the in\ ention is not limited to biometric identification. Any personal profile, sufficiently unique 

1 5 to provide a reasonable probabilit\' of correct identification, and which is capable of being digitally represented 

and sent via electronic signal, may be utilized in the present invention. 

After detennining the potential user's ID profile, veri tying means 2 outputs the calculated value on 
signal line 4. Next, verifying means 2 obtains any authorized profiles associated with the account from the built 
in storage medium 6, and then compares the stored profile to the potential user's spontaneously created profile. 

20 If the spontaneous profile calculated by verif\ ing means 2 matches, or is wiihin an acceptable discrepancy value 

range of any of the authorized profile stored m the buiU in storage medium 6, then the verifying means 2 
generates a "Positive ID" signal on signal line 3. If the spontaneous profile determined by verifying means 2 
does not match, or is not within an acceptable discrepancy value range of any of the authonzed profile stored m 
the built in storage medium 6, then venfy'ing means 2 generates a "Negaii\e ID" signal on signal line 3. Signal 

25 line 3 IS output at output port 10, and infonns the secure objecuve's database whether the potential user is 

audiorized to use the card. Output port 10 transmits the "Positive ID" signal or "Negative ID" signal to the 
program, circuitrv' or other device associated with the secure objective that ultimately grants or denies access to 
the secure objective. For example, m ATM transactions, the existence of a "Positix e !D" signal output from 
output port 10 W'ould be read by the ATM's input signals, and would cause the ATM to gi*ant tlie user access to 

30 her account. In other applications, the "Positive ID" or "Negative ID" signal may be used to grant or deny access 

to computer accounts, door entries, toggle alarm activator/de- activators, or other such secure objectives. 

Signal line 4 transmits the identification profile spontaneously determined by verify'ing means 2 to code 
generator 5. Code generator 5 transforms the user's unique identification profile into a specific code which may 
be assigned to a user's specific secure objecti\-e (e.g. bank account, restricted room, database, etc.) as a 

35 preliminan-, secondar\- or primar\' access code. Upon activation, code generator 5 uses an algorithm obtained ' 

from memory^ chip 7 to convert user's unique -identitlcation profile into an access code associated with the • 
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secure objeciivc. For example, in ATM applications, the code generator would conxerl the user's unique 
identification profile into a four digit numeric personal identification number (PIN) code, which could tlien 
provide access to the account. Memory- chip 7 may be any t\-pe of memont' chip known in the art. and capable of 
storing multiple algorithms, including any programmable read only mernoiT (PROM) or erasable programmable 
read only memory (EPROM), or other memoiy unit known in the art. Memon- chip 7 may also be 
interchangeable or replaceable so that chips containing pre-stored algorithm may be used and replaced at the 
users discretion. Alieratively, memor\' chip 7, if programmable and/or erasable, may be updated, 
reprogrammed or erased via input/output (I/O) port 9. It should be noted that while FIGURE 1 depicts the 
usage of a separate programmable memoiy chip 7 to supply the code generator 5 with a code generating 
algorithin, such programmable memorv' chip 7 is not necessary for the invention. In another embodiment of the 
in\eniion, the code generating algorithms may be stored on the built in storage unit 6, and accessed by the code 
generator 5 from there. 

Once tlie user's unique identification profile has been transformed into an appropriate access code bv 
code generator 5, the access code is output to output port 1 1 where it may be received by a secure objective to 
determine whether access is granted, 'f he access code output at output port 1 1 may be used as a secondary, or 
alternative method of determining identification and authorization. 

For example, a system for protecting secure areas of a building from unauthorized access may employ 
an embodiment of the disclosed invention employing fingerprint scan as the veriiying means 2. As a back up or 
secondary- means of identification, the s>'stem may require entry of a secure numeric access code. If, during use 
by an unauthorized user, the verifying means 2 improperly sends a "positive ID" signal, then the code generated 
b>- code generator 5. which is based on the user's actual digital fingerprint profile, and output at output port i 1, 
would not match the code assigned to the authorized user's account. Consequently, based on the secondaiy 
identification process, the system would then deny the unauthorized user access to the restricted area. If the 
system relied solely on the "positive ID" or negati\'e ID" signal, then access would be improperly granted. 

In addition to storing the users' identification profile(s), built in storage unit 6 may store information 
relating to the users' "accounts." Such information may include financial infonnation including balances, 
withdrawals, deposits, transfers, credit purchases, and other such infonnation, renewal dates, access statistics, 
and other information. In addition, as indicated above, built in storage unit 6 may also store code generating 
algorithins used by code generator 5 to generate user identification-based access codes for use as alternative or 
secondan' \erification. The built in storage unit 6 may be any storage medium known in the art to which data is 
capable of being written and re-written. Further, storage unit 6 may be removable and interchangeable to 
provide increased capacit}' at the user's option. Input/output port 8 provides easy updating and downloading to 
or from built in storage unit 6 by any computer. ATM machine, facsimile machine, satellite transmitter, or other 
devices or processors capable of being used to transmit electronic data. 

Remote control unit 13 allows the identification device to be used in a variety of ways from a remote 
location (lor example, as a key pass, or a user specific car alarm remote control key. or even highly interactive 
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functions such as remote control use at an ATM machine). Input 14 is a button, or series of buttons that send 
account specific information via infrared, microwave, or other such signal, and which may be received and 
processed by the secure objective (e.g. ATM machine, door lock, auto alarm, etc.). Additionally, remote control 
unit 13 may remotely send information on signal line 3, which includes the "positive ID" or "Negative signal 
5 and/or tlie unique access number (e.g. identification number, PIN code, etc.) created from the user's unique 

identification profile. 

In a typical application, the remote control unit 13 may act as a pass key to a restricted area. For 
example, access to a particular room m a building may be restricted to particular persons. The remote control 
unit 13 may be utilized to send the "Positive ID" or "Negative ID" signal (for example, via infrared signal or 

1 0 other remote control signal known in the art) as the potential user approaches the secured area. When tlie 

electronic lock receives a "Positive ID" signal, it may release the locking mechanism, allowing the verified user 
to immediately access the restricted ajea, witliout having to insert a ke\\ card or other access device. 

FIGURE 2 shows a preferred embodiment of the invention in a t\'pical application as an identification 
card for use with ATM accounts, credit card accounts, debit accounts, or as a driver's license, passport, or other 

15 such form of identification. 

Enclosure 20 houses the components, and may be approximately the same size and dimensions as a 
typical credit card or other bank card; or depending on the area needed for all of the component parts, of 
sufficient size and dimension to accommodate the components, provided that the card is still easily portable. 
Inside enclosure 20, verifying means 21 operates exactly as verifying means 2 from FIGURE I. The verifying 

20 means 21 receives the spontaneous idenUfication input (e.g. voice sample, fingerprint sample, digital signature, 

etc.) at input 36 and converts it into a digital representation. Verifying means 2 may include any and all 
technolog}' necessary- to perform the actual biometric scanning, analysis, or may receive the spontaneous profile 
information from an separate identification device. Next, verify'ing means 2 1 fetches the authorized 
identification profile(s) assigned to the account from built in storage medium 25 (or from a central database) and 

25 compares it (them) to the spontaneously created profile derived from the biometnc analysis for match or 

discrepancy range. Upon match or sufficiently close discrepancy range, a "Positive ID" signal is output at output 
30* Upon mismatch or unacceptable discrepancy range, a "Negative ID" signal is output at output 30, 

Code generator 23 operates similarly to code generator 5 from FIGURE 1 in that it creates an access 
code based on the potential user's spontaneously created identification value for use with a specific account. 

30 Programmable memory- unit 26 provides the code generator 23 with code generating algorithms which it utilizes 

to calculate the account specific access codes. As descnbed above, programmable memory chip may be updated 
by computer or by a financial transaction machine (e.g. ATM machine) as outlined above. 

FIGURE 2, however, introduces an encrypting, means 24, which may be utilized to securely encrv'pt 
either or both the spontaneously calculated identification value, and the access codes generated by code 

35 generator 23. Secure encrv'ption by encrypting means 24 ensures that identification values and access codes may 

not be intercepted upon transmission between the smart card and the transaction machine. Secure encryption of 
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the spontaneously calculated ideniificalion value by encrypting means 24 may occur before or after comparison 
of the spontaneously calculated identitlcation value and the stored account identification value. 

Built in storage medium 25 may be of the same type as that shown as storage medium 6 from FIGURE 
1 . In the prefened embodiment, storage medium 25 in FIGUIIE 2 is divided into specific areas for storing 
5 specific data. One area of storage medium 25 may store account inibnnation, mcluding account or credit 

balances, recent withdrawals and/or deposits or payments, and other such account related information. Storage 
medium 25 may be tiirther divided in to areas which store identification profile iiifonnation which may be read 
by verifying means 2 1 for use in determining authorization. Also, storage medium 25 may set aside storage 
space for storing other externally received, non-account specific electronic data. 
1 0 For example, storage medium 25 may include an area for storing, audio data. The invention as 

disclosed in FIGURE 2 includes a built in digital voice memo recorder for creating, storing and playing back 
digital audio memo files. 

User speaks into microphone 31, which converts the sound into electronic signals that may be digitally 
recorded by recording unit 32 onto built in storage medium 25. Sound memo files, recorded to the storage 

1 5 medium 25 may be replayed by the smart card (or other portable device) as well. Retrieval means 34 retrieves 

stored digital audio data from storage medium 25 and con\'erts the sound to analog signals that are transmitted to 
acoustic speaker 33. which allows the user to hear the sound files stored to storage medium 25. Remote control 
unit 35, mput 36, and output 37 act in precisely the manner as their counterparts in FIGURE 1 (remote control 
unit 13, input 14, and output 15). 

20 The t\'pical application of remote control unit 35 in ATM transactions may greatly increase the safety- 

of the user from potential muggings and robberies. Using the invention, the user can transmit access iiitbnnation 
as well as interactive infonnation from output 37, Once access has been granted, the user can use input 36 
(which may be a button or series of buttons) to select from among a plurality' of functions on the ATM screen 
menu, and conduct other such business from a locked car, while exposing herself only to the extent necessar>' (if 

25 at all) to quickly retrieve cash, make a deposit, or collect a receipt. Remote control unit 35, therefore, allows for 

belter user protection in that a drive-up ATM user would not ha\'e to expose himself or herself to the threat of 
lurking bandits for long periods of time in order to conduct a financial transaction. 

FIGURE 3 depicts the surface of the enclosure of the disclosed invention from FIGUI^ 2 in a t>pical 
application as a bank ATM card, credit card or debit card. In a prefeired embodiment of the invention enclosure 

30 40 appears to be similar to a normal credit card or ATM card in both size and dimension. However, the card 

may be larger (longer, wider, deeper, or a combination of the tliree) than a t\'pical credit card to accommodate 
the component parts. Rather than (or in addition to) the magnetic strip commonly placed on the back of ATM 
cards, debit and credit cards, and other smart cards, the enclosure 40 has one or more output and/or input/output 
ports 41-44 on its edges. The ports 41-44 in FIGURE 3 allow the enclosed invention to interact with a 

35 computer or other machine (e.g. ATM, computerized gas pump, etc.) to determine whether access shall be 

granted; or to download and/or update account infonnation, code generating algorithms or other data. 
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Input 45 corresponds to the identification input 36 from FIGURE 2. In FIGURE 3, input 45 is a 
fingerprint scanning pad. The potential user places her thumb (or any of her fmgers) onto the fingerprint pad 
input 45, The verifying means housed, within the card scans the fingerprint data at input 45, analyzes the print, 
and creates a digital representation of the print which may then be compared to the fingerprint profile of any. 
5 authonzed cardholder stored on the card, m an on-line database, or with on-site access equipment. 

Input 45 IS not limited to the reception of fingerprint data. Input 45 may be capable of receiving any 
type of identification data ionovvn m the art, including, but not limited to biometric identification data (e.g. voice 
identification, ins scan, palm scan, DNA, etc.), or any electronic identification data (e.g. electronic certificate 
data, digital signatures, or odier secure digital identification data). 
1 0 Button 46 is utilized with the remote control function to allow the user to access an account, and to 

select available functions to manage the account. It is not necessan^ that button 46 be a single button. Instead, 
the invention may utilize a series of button like button 46 to perform functions such as selecting tiinctions, 
scrolling a cursor, or other such function as may be necessar>' to tiie operation of the ATM or other such 
machine. 



BNSDOCID: <WO. 



9913434A1J_> 



wo 99/13434 




PCT/US98/19220 



13 



WHAT IS CLAIMED IS: 

1 . A portable iclemification system comprising 

an on boacd verifying means for detennining user auihorization or non-aulhorization, uiierem 
5 said verifying means generates a unique identification protile for each potential user, and then detennines 

whether the generated identification profile is authorized or not authorized; 

a re-writeable storage medium for storing electronic data; and 
one or more data input/output ports. 

2. The system of claim 1 further comprising a code generator employing at least one code 
generating algoritliin for converting an authorized identification value into one or more access codes; 

3. The system of claim 2 further comprising an enciypting means for enciypting said unique 
identification profile and said one or more access codes. 

4. I'he system oi' claim 2, wherein the code generating algoritiim employed by the code generator 
IS replaced by a diflerent algoritlim after it is used by the system. 

5. The system of claim 2, wherein at least one of the one or more access codes generated bv the 
code generator is an alphimumeric code. 

6. The system of claim 2, wherein at least one of the one or more access codes generated bv the 
code generator is a telephone or modem numeric tone code. 

7. The .system of claim 2, wherein at least one of the one or more access codes generated by the 
code generator is a an identification specific digital signature profile. 

8. The system of claim 7, wherein the digital signature profile nia\' be used to encode data for 
secure transmission. 

9. The system of claim I , wherein the re-writeable storage medium for storing electronic data is 
removable. 

10. The system of claim 1 llirther comprising a memoiy chip for storing access code generating 
algorithms. 
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1 I . The system of claim 10, wherein memory chip for storing access code generating algorithms 
is progranunable. 

1 2. The system of claim 10, wherein memory chip for storing access code generating algorithms 
IS interchangeable. 

13. The system of claim 1 , wherein the re-vvriteable storage medium contains the at least one code 
generating algorithm employed by the code generator. 

14. The system of claim 1 , wherein the verifying means comprises an apparatus for analyzing a 
biometric profile of a potential user to determine user authorization or non-authonzation. 

15. The system of claim 14, whercm die biometnc profile information is derived from \'oice 
identification analysis. 

16. The system of clairn 14, wherein the biometric profile information is derived from fingerpnnt 

analvsis. 



1 7. The system of claim 14, wherein the biometric profile information is derived from retina scan 

analysis. 

1 8. The system of claim 14, wherein the biometric profile inlbrmation is derived from DNA 

analysis. 

19. 'fhe system of claim 14, wherein the biometric profile iiiformalion is derived from palm scan 

analysis. 

20. The system of claim 1 further comprising a remote control unit for transmitting information to 
a secure objective from a remote location. 

2 1 The system of claim 1 further comprising a built in digital voice memo recorder for recording 

and storing sound recordings to the built in re-writeable storage medium for later playback or transmission. 

22. The system of claim 2 1 , wherein the digital voice memo recorder includes a microphone for 
receiving sounds and digitizing them, and a recording means for recording the digitized sounds onto the built in 
re-writeable storage medium. 
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23. I he syslein of claim 1 further comprising a playback unit for playing back sound recordings 
stored to the built in re-writeable storage medium, 

24. I'he systern of claim 23, wherein the playback unit includes a retrieval means for retrieving 
digitized sounds from the built in re-writeable storage medium and converting them to analog signals, and an 
acoustic speaker for ouiputting the analog signals as reproduced sounds. 

25. The system of claim 1 , w herein said system grants access only for a specified period of time. 

26. The .system of claim 1 , wherein said system grants access only a specified number of limes. 

27. An identification card comprising 

a veritying means for detemiining user authorization or non-authorization, wherein said 
verifying means generates an identification value for each potential user, and then determines whether the ' 
identification vakie is authorized or not; 

a code generator for converting an authorized identification \'alue intC^ one or more access 

codes; 

a re-writeable storage medium for storing electronic data; and 
one or more data input/output ports. 

28. The identification card of claim 27 further comprising a memor\- chip for storing personal 
identification number code generating algorithms. 

29. I'he identification card of claim 27. wherein at least one of the one or more access codes is an 
automatic teller maciiine personal identification number code. 

30. The identilication card of claim 27, wherein at least one of the one or more access codes may 
be transmitted to the secure objective from a remote location to provide access to financial information. 

3 1 . The identification card of claim 30, wherein the transmitted access code is a numenc 
telephone tone code transmitted over telephone wires. 

32. The identification card of claim 30, wherein the transmitted access code is transmitted by 
infrared signal. 
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33. The identitication card of claim 30, wherein the transmitted access code is transmitted by 
computer network interface. 

.34. The identilication card of claim 27 further comprising a built m calculator for automatically 
updating tlnancial and account information and storing it on the re-vvnteabie storage medium. 
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